What do you do if your ACS server is down and your clients authenticate wit
OK so I am setting up a wireless network that is going to have about 500 APs on it. There are about 30 at each remote location. I want to use LEAP for authentication. If the WAN connection at a site goes down or worse the ACS server is dead, how can clients authenticate until the server comes back up? I have fully configured WDS at each site and also have a WLSE server. Is there a caching system built into any of these systems?
Re: What do you do if your ACS server is down and your clients a
There is no user authentication credential caching. If the WAN link is down and you don't have a local ACS, then users won't be able to authenticate. However, an alternative is to run some other RADIUS service (such as Microsoft's IAS) if you have local DCs (assuming you are a Windows shop) at your remote locations. IAS is a decent fallback RADIUS server.
As for a down ACS, I would seriously consider a secondary one to provide some redundnacy. I have four: 2 for most of our remote sites to use, 1 at our largest site in North America, and 1 in South America. With that much redundancy, I can take down any of the ACS servers for maintenance/upgrades, and the users don't notice.
Also, on my network I have taken the approach that if the WAN link is down, users not being able to authenticate to wireless is a moot issue since many of our apps are hosted centrally and a down WAN link means even the wired users are down.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...